Dynamic Symbolic Execution (DSE) is a state-of-the-art test-generation
approach that systematically explores program paths to generate high-covering
tests. In DSE, the presence of loops (especially unbound loops) can cause an
enormous or even infinite number of paths to be explored. There exist techniques
(such as bounded iteration, heuristics, and summarization) that assist DSE in
addressing loop problems. However, there exists no literature-survey or empirical
work that shows the pervasiveness of loop problems or identifies challenges faced
by these techniques on real-world open-source applications. To fill this gap, we
provide characteristic studies to guide future research on addressing loop
problems for DSE. Our proposed study methodology starts with conducting a
literature-survey study to investigate how technical problems such as loop
problems compromise automated software-engineering tasks such as test generation,
and which existing techniques are proposed to deal with such technical problems.
Then the study methodology continues with conducting an empirical study of
applying the existing techniques on real-world software applications sampled
based on the literature-survey results and major open-source project hostings.
This empirical study investigates the pervasiveness of the technical problems and
how well existing techniques can address such problems among real-world software
applications. Based on such study methodology, our two-phase characteristic
studies identify that bounded iteration and heuristics are effective in
addressing loop problems when used properly. Our studies further identify
challenges faced by these techniques and provide guidelines for effectively
addressing these challenges.